We all know that ransomware is one of the biggest threats facing UK organisations today. You only have to take a look at the headlines to see the havoc it’s wreaking all over the country, and the world. But although the broad message seems to be getting through, Trend Micro research has revealed a troubling lack of awareness when it comes to the details.
As we head towards VMworld Europe in a fortnight it’s worth remembering that only a layered approach to protection offers the best chance of success. That’s because corporate servers are increasingly being singled out by the black hats as vulnerable targets. Continue reading →
On Tuesday 12 January, Microsoft ended support for several versions of Internet Explorer in an attempt to force customers to upgrade to newer, more secure versions of the browser. Now the news has been a long time coming – well over a year in fact. But the deadline is still likely to come too soon for many UK organisations. The risk here is that cybercriminals are now lining up to create exploits for flaws which will no longer be patched by Redmond, exposing countless firms to the risk of damaging data breaches and disruption.
Any move designed to improve the security of the user community should be welcomed. But it’s vital that UK IT managers lock down this vulnerability blind spot until all their machines are fully upgraded. Continue reading →
The recent public dispute over vulnerability disclosure between Google and Microsoft threatened for a few weeks to catapult the humdrum topic of patch management into mainstream discourse. And while Google seems to have diffused the tension somewhat by agreeing to add a fortnight’s “grace period” onto its 90-day disclosure time frame, huge challenges remain. But most of the conversation thus far has been focused on whether the vendors are being given enough, or too much, time to patch flaws. We should more properly be asking: “What about their customers?” Continue reading →